CVEs-PoC/2018/CVE-2018-13910.md

### [CVE-2018-13910](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13910)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20Electronics%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Voice%20%26%20Music%2C%20Snapdragon%20Wired%20Infrastructure%20and%20Networking&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Input%20Validation%20of%20DDR%20Index%20in%20AC%20Assign%20Call&color=brighgreen)

### Description

Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, Snapdragon_High_Med_2016

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins

#### Github
No PoCs found on GitHub currently.